Silverlight? :) On Thu, Jun 4, 2015 at 1:25 PM, Andrew S. Baker <[email protected]> wrote:
> FTFY > > > > > > > *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> > *Providing Virtual CIO Services (IT Operations & Information Security) for > the SMB market…* > > > > On Thu, Jun 4, 2015 at 4:19 PM, Rankin, James R < > [email protected]> wrote: > >> Sounds like my assertion that half the world's sysadmins are crying out >> for a decent Java >> replacement >> solution is correct... >> >> >> ------- >> >> James Rankin | Director | TaloSys | 07809668579 >> Sent from my Blackberry >> >> -----Original Message----- >> From: "Maglinger, Paul" <[email protected]> >> Sender: <[email protected]> >> Date: Thu, 4 Jun 2015 19:54:57 >> To: '[email protected]'<[email protected]> >> Reply-To: <[email protected]> >> Subject: RE: [NTSysADM] Cryptlocker >> >> Updates would be fine... if they didn't break things. >> Reminds me of when we put in our latest Cisco IP Telephony solution. >> The phone system wanted me to upgrade my Java but then Cisco's web site >> wouldn't work with that version. >> *thunk* *thunk* *thunk* >> I LOATHE Java... >> >> -----Original Message----- >> From: [email protected] [mailto: >> [email protected]] On Behalf Of Kurt Buff >> Sent: Thursday, June 04, 2015 2:34 PM >> To: ntsysadm >> Subject: Re: [NTSysADM] Cryptlocker >> >> Updates of Java? Hell no. >> >> Some of our users somehow get Java fubared, and when ADP can't find Java, >> they tell the user to install 6u29, so I've put in an exception in our AV >> to block the download, >> >> Kurt >> >> On Thu, Jun 4, 2015 at 10:30 AM, Kennedy, Jim < >> [email protected]> wrote: >> > Nope, if they did I would be pushing hard to replace it. Have they >> gotten >> > any better at keeping up with updates? >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Kurt Buff >> > Sent: Thursday, June 4, 2015 1:28 PM >> > >> > >> > To: ntsysadm >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > Your users don't file their timecards with ADP, then... >> > >> > Kurt >> > >> > >> > >> > On Thu, Jun 4, 2015 at 9:52 AM, Kennedy, Jim >> > <[email protected]> >> > wrote: >> > >> > 2 depends on Oracle, Chrome has been begging them for it for some time. >> > From Chrome’s perspective 1 and 2 are the same. That said, I honestly >> > do not think Firefox has any plans to discontinue NPAPI support. Their >> > approach is disabled by default….user beware if you enable it. >> > >> > >> > >> > Anecdotal but I can say that most of my users use Chrome, and they >> > have not missed Java. >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Damien Solodow >> > Sent: Thursday, June 4, 2015 12:49 PM >> > >> > >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > Doubtful; I see one of two things happening: >> > >> > 1) Oracle blinks and releases an updated JRE that doesn’t use NPAPI >> > >> > 2) Chrome includes its own JRE like they did with Flash >> > >> > >> > >> > DAMIEN SOLODOW >> > >> > Senior Systems Engineer >> > >> > 317.447.6033 (office) >> > >> > 317.447.6014 (fax) >> > >> > HARRISON COLLEGE >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Melvin Backus >> > Sent: Thursday, June 4, 2015 12:44 PM >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > So if I’m reading this correctly that would seem to mean that all the >> > thousands (millions?) of pages with Java embedded are going to be >> > relegated to IE only? (And JAVA will finally DIE? Albeit a slow and >> > lingering death.) >> > >> > >> > >> > >> > >> > -- >> > There are 10 kinds of people in the world... >> > those who understand binary and those who don't. >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Kurt Buff >> > Sent: Thursday, June 4, 2015 10:41 AM >> > To: ntsysadm >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > Not Java specifically - the NPAPI interface. >> > >> > So is Firefox, and so will Edge... >> > >> > Kurt >> > >> > >> > >> > On Thu, Jun 4, 2015 at 6:42 AM, Heaton, Joseph@Wildlife >> > <[email protected]> wrote: >> > >> > Interesting. I didn’t realize that Chrome was doing away with Java >> > functionality. Thanks for the update. >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Kennedy, Jim >> > Sent: Thursday, June 04, 2015 5:12 AM >> > >> > >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > Demand for this in Chrome will dwindle to zero in September when there >> > isn’t any way to run Java in Chrome. It’s already dwindling….we did >> > not bypass the block in the last patch for Chrome that disabled it. >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of James Rankin >> > Sent: Thursday, June 4, 2015 7:08 AM >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > OK, FSLogix confirm that currently the Java remediation only works with >> IE. >> > You can restrict other browsers on a process basis only currently, so >> > you could force Chrome or Firefox to a specific Java version by >> > process, but not by URL. >> > >> > >> > >> > However, support for other browsers is on the roadmap. Any customer >> > demand (probably someone coming along with 5000 users and wanting it >> > to work in >> > Chrome) will “drive the roadmap forward”, i.e. they’ll do it ASAP if >> > there’s a big enough sale at the end of it J >> > >> > >> > >> > Hope this helps, >> > >> > >> > >> > >> > >> > >> > >> > JR >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of James Rankin >> > Sent: 03 June 2015 18:56 >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > OK, I tried to test with Chrome and found out that Chrome has disabled >> > just about all the plugins from the websites I was using for testing L >> > >> > >> > >> > Waiting for an answer from FSLogix support as I now have to put the >> > kids in the bath! >> > >> > >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Jonathan Link >> > Sent: 03 June 2015 18:44 >> > To: [email protected] >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > Probably not pants. >> > >> > >> > >> > On Wed, Jun 3, 2015 at 12:26 PM, James Rankin >> > <[email protected]> >> > wrote: >> > >> > Let me get you an answer on that…maybe something I should have tested >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Heaton, Joseph@Wildlife >> > Sent: 03 June 2015 17:22 >> > To: '[email protected]' >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > So, it looks like FSLogix only works with IE? Is that true? >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of James Rankin >> > Sent: Tuesday, June 02, 2015 11:16 AM >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > OK, quick and dirty run-down, but I’m sure you can all get the gist of >> > it >> > (hopefully!) >> > >> > >> > >> > http://appsensebigot.blogspot.co.uk/2015/06/fslogix-first-look-1-manag >> > ing-legacy-or.html >> > >> > >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Kurt Buff >> > Sent: 02 June 2015 17:38 >> > To: ntsysadm >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > Yes, please put up the link here when done. >> > >> > Kurt >> > >> > >> > >> > On Tue, Jun 2, 2015 at 8:43 AM, James Rankin >> > <[email protected]> >> > wrote: >> > >> > I shall endeavour to finish this as soon as possible then! >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Maglinger, Paul >> > Sent: 02 June 2015 16:12 >> > To: '[email protected]' >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > Me too! >> > >> > >> > >> > -Paul >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Sean Martin >> > Sent: Tuesday, June 02, 2015 10:07 AM >> > >> > >> > To: [email protected] >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > Definitely interested. >> > >> > - Sean >> > >> > >> > On Jun 2, 2015, at 6:08 AM, James Rankin <[email protected]> >> wrote: >> > >> > What you need is FSLogix Java Rules Manager, only allow the vulnerable >> > Java version to be seen when a specific URL is visited, otherwise – >> > it’s invisible to the user and OS, and the latest version is used. >> > >> > >> > >> > I’m writing an article up on this today, if anyone’s interested in >> > Java version management (on a sysadmin list, who isn’t?) >> > >> > >> > >> > J >> > >> > >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Heaton, Joseph@Wildlife >> > Sent: 02 June 2015 14:51 >> > To: '[email protected]' >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > Update Java? That’s just crazy talk. We’re still at 7u51, with no >> > roadmap in place to go any higher. Not my choice, btw, it is >> > development issues with Oracle. >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Ed Ziots >> > Sent: Saturday, May 30, 2015 10:48 AM >> > To: [email protected] >> > Subject: RE: [NTSysADM] Cryptlocker >> > >> > >> > >> > Nice.strategy >> > >> > Ed >> > >> > On May 29, 2015 9:31 AM, "Robert Strong" <[email protected]> wrote: >> > >> > Ensure you have the latest patches installed for Java and Flash. >> > Exploit kits like Angler, Nuclear and Magnitude are starting to >> > distribute Ransomware more frequently via drive-by download attacks >> > and malicious advertisements on common websites. >> > >> > >> > >> > We’ve had several ransomware incidents in the last few months all due >> > to unpatched systems. Host based detection is limited at best, but one >> > thing I have noticed in all incidents seen is that the malware >> > typically uses hxxp://ipinfo.io/ip to determine its public facing IP >> address. >> > >> > >> > >> > We have created correlation rules that detect users going to this >> > domain via our McAfee ESM SIEM, we then have an alarm that fires when >> > that correlation rule is seen and we can automatically apply an ePO >> > tag to enforce a policy that severely ‘disables’ the system (no R/W to >> > network shares, restricted HTTP/HTTPS going out). Our alarm also >> > e-mails out some key characteristics about the infected machine for >> > easy identification by our IT Service Desk team. >> > >> > >> > >> > Ransomware isn’t going away and it’s going to get worse. We’ve been >> > able to detect these IoC’s and have the issue remediated in under 7 >> minutes. >> > >> > >> > >> > Cheers, >> > >> > >> > >> > Rob Strong >> > >> > Information Security Specialist >> > >> > Equitable Life of Canada >> > >> > >> > >> > >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of David McSpadden >> > Sent: Thursday, May 28, 2015 7:17 PM >> > To: <[email protected]> >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > That's mine today. >> > >> > What variant was yours >> > >> > Sent from my iPhone >> > >> > >> > On May 28, 2015, at 7:14 PM, Heaton, Joseph@Wildlife >> > <[email protected]> wrote: >> > >> > We had that the other day. The files are getting encrypted, but the >> > extensions are not getting changed. >> > >> > >> > >> > From: [email protected] >> > [mailto:[email protected]] >> > On Behalf Of Jonathan Link >> > Sent: Thursday, May 28, 2015 8:37 AM >> > To: [email protected] >> > Subject: Re: [NTSysADM] Cryptlocker >> > >> > >> > >> > The text files created should indicate the affected user with the >> > Owner attribute, no? >> > >> > >> > >> > >> > >> > On Thu, May 28, 2015 at 11:30 AM, David McSpadden <[email protected]> >> wrote: >> > >> > I am pretty sure I have pc with this on it in my network. >> > >> > I have ran scans on workstations. >> > >> > I still do not see it but I have the tell tale signs. >> > >> > The HELP_DECRYPT files in network folders. >> > >> > The word and excel files not being able to be opened etc. >> > >> > How do I remove something that Trend is not seeing? >> > >> > Nor Windows Endpoint protection? >> > >> > >> > >> > >> > >> > David McSpadden >> > >> > Systems Administrator >> > >> > Indiana Members Credit Union >> > >> > P: 317.554.8190 | F: 317.554.8106 >> > >> > <image002.jpg> >> > >> > >> > >> > <image003.jpg> >> > >> > <image004.png> >> > >> > >> > >> > This e-mail and any files transmitted with it are property of Indiana >> > Members Credit Union, are confidential, and are intended solely for >> > the use of the individual or entity to whom this e-mail is addressed. >> > If you are not one of the named recipient(s) or otherwise have reason >> > to believe that you have received this message in error, please notify >> > the sender and delete this message immediately from your computer. Any >> > other use, retention, dissemination, forwarding, printing, or copying >> > of this email is strictly prohibited. >> > >> > >> > >> > Please consider the environment before printing this email. >> > >> > >> > >> > IMPORTANT NOTICE: Without the use of secure encryption, the Internet >> > is not a secure medium and privacy cannot be ensured. Internet e-mail >> > is vulnerable to interception, misuse and forging. Equitable cannot >> > ensure the privacy and authenticity of any information sent by way of >> the public Internet. >> > Equitable will not be responsible for any damages you may incur if you >> > communicate confidential and personal information to us over the >> > Internet or if we communicate such information to you at your request. >> > This e-mail and any attachments are confidential, may be covered by >> > legal professional privilege or exempt from disclosure under >> > applicable law, and are intended for the addressee only. If you are >> > not the intended recipient, you are not authorized to and must not >> > disclose, copy, distribute or retain any or part of this e-mail and >> > any attachments without written permission of The Equitable Life >> Insurance Company of Canada. >> > >> > >> > >> > >> > >> > >> > >> > >> >> >> >
